Introduction to Secure Web Coding (Wellington)

Tuesday, 28th Aug 2018
9am start
$760.00 per person (excl. GST)
Wellington

About the course

This one-day course provides an introduction to the principles of secure coding for the web with a focus on the OWASP Top Ten vulnerabilities and how to protect against them. This course is a mix of theoretical and hands-on content that will involve identifying and exploiting vulnerabilities.
The course is designed to cover web applications (internet, intranet or extranet) in a language agnostic manner.

At the end of the course, attendees should have:

  • Gained an understanding of the principles of secure coding for the web
  • An appreciation for common security vulnerabilities and how to prevent them
  • Knowledge of how to look for security vulnerabilities
Course outline
  • Security standards
  • Secure coding principles

OWASP Top 10

A1    Injection
A2    Broken Authentication and Session Management
A3    Cross-Site Scripting
A4    Insecure Direct Object References
A5    Security Misconfiguration
A6    Sensitive Data Exposure
A7    Missing Function Level Access Control
A8    Cross-Site Request Forgery
A9    Using Components with Known Vulnerabilities
A10  Unvalidated Redirects and Forwards

Target Audience

Developers, Architects, Administrators & Technical Testers.

Less technical but interested participants are welcome, although they will get the most out of the course if they can attend with a technical colleague to share the lab work.

Prerequisites

A good understanding of how a typical web application works and knowledge of at least one web language.